Vulnerabilities > Digitizing Quote AND Ordering System > Digitizing Quote AND Ordering System
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-09 | CVE-2007-0144 | Cross-Site Scripting vulnerability in Digitizing Quote and Ordering System Digitizing Quote and Ordering System 1.0 Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter. | 6.8 |
2006-12-31 | CVE-2006-6911 | SQL-Injection vulnerability in Digitizing Quote and Ordering System Digitizing Quote and Ordering System 1.0 SQL injection vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated users to execute arbitrary SQL commands via the ordernum parameter. | 6.0 |